LTESniffer: An open-source LTE downlink/uplink eavesdropper [pdf] (kaist.ac.kr)
256 points by stacktrust on April 25, 2023 | hide | past | favorite | 55 comments



Sounds cool, but how many people have the 9k USD to sink on the radio required? Security through price barriers.

Except it’s not security of course; the difficulty in obtaining hardware is a large reason as to why industrial control systems had such abysmal security for as long as they did.


> why industrial control systems had such abysmal security for as long as they did.

Bold of you to use past tense there


They've really improved a lot. They used to be abysmal, but all of the scrutiny and high profile attacks have forced vendors to invest in bringing them up to merely terrible.


Vendors upgrading to simply terrible security doesn't mean their customers are protected. After all, why not use the opportunity to sell the Super Security Plus+ version of the existing hardware for a nice fee?


Because the majority of your customers and you yourself sit in the working groups which created that "non-secure version" of the standard.

Either your customer would disagree with the premise of the standard implementation being "insufficiently secure" or your contribution to security should be reviewed as an evolution to the standard.

Result: Security is not being questioned in this realm of commercial discussion.


>how many people have the 9k USD to sink on the radio required?

It's a soft target. US telecom has habitually revealed their almost contemptuous disinterest in security and rely almost entirely on price barriers or law.

It would be trivial to pivot your narcotics racket to digital for only 9k or your online ransomware to LTE snooping.


It can be done for under $600 using a bladeRF.. https://docs.srsran.com/projects/4g/en/latest/app_notes/sour...


Similarly a LimeSDR perhaps?


For passive sniffing, it looks like you can run the cheaper module at only $2k, which is approachable for researchers. Actually the fully loaded price tag is $11k or $4k, as you need a GPSDO also, but $4k is almost approachable I guess.

[edit to add] https://www.ettus.com/all-products/ub210-kit/


Amazingly, you can probably get a reasonable GPSDO from eBay for a couple hundred dollars. I was running an Ettus B210 off of an eBay GPSDO and had about a 1Hz frequency offset relative to an LTE tower at 1800MHz. Pretty cool!


Did you test that LTESniffer by USRP B210?


Sadly not yet. I’m very intrigued though! At one point I was going to try setting up a similar project using a… BladeRF? I forget which open LTE project it was.


A lot of people on this site earn a shit ton of money.


Perhaps also "security through complexity" --- the specs for LTE and the previous mobile network protocols are freely available, but huge and very difficult to understand for someone not already familiar with the system (in comparison to e.g. Internet RFCs).



How illegal is this from an FCC or cell phone carrier perspective?

I would have guessed LTE traffic was "HTTPS" levels of encrypted?


Modern LTE features a fairly high level of traffic security, although downgrade attacks remain a major problem. The article addresses this point: "The target of LTESNIFFER is to capture the wireless packets between the base station and the user. It can only obtain encrypted packets in most cases because it can’t know the cryptographic keys of users. However, some packets are transferred in plaintext by design." One of the reasons you hear about cell-site simulators ("stingrays") a lot less these days is that improving security standards in the cellular network has made them less useful, although they are still widely employed and particularly rely on forcing downgrades to 3G.

Elsewhere, the article notes that one of the difficult things about sniffing LTE is that even the parameters used for the radio connection are encrypted, so some of them have to be inferred and guessed. That encryption isn't really intended as a security feature, we're talking about the modulation mode, but comes out of the fact that LTE revisions have erred on the side of caution with encrypting as much of the management traffic as practical. Much of this is a result of lessons learned with previous cellular protocols and protocols like WiFi, where unencrypted/unauthenticated management traffic has often become an attack vector.


I sometimes notice that my connection has been downgraded to 3G despite being in an area that regularly has full 4G coverage. Should I be suspicious of an attack? Is there any way to protect oneself from this type of attack?


Not much can be done, other than turning off the phone, https://www.securitymagazine.com/articles/91767-protecting-h... & https://hn.algolia.com/?dateRange=all&page=0&prefix=true&que...

> There are more reliable hardware options available for detecting IMSI catchers, which make sense when protecting multiple smartphone users in a single site, like a corporate headquarters or military base. Typically, such a setup involves a fixed, embedded system containing sensor hardware and a cellular modem for continuously monitoring the broadcast signals of the surrounding base stations, along with a database to which data is uploaded for analysis. When an IMSI catcher is detected, alerts can then be sent to all of an organization’s smartphone users.

Phones should allow users to define a whitelist of known-good cell tower IDs, which could be loaded for a known geo-location.

Why don't cell towers have the equivalent of an SSH host key, so that unknown cell towers trigger a warning before connection?


Turning off the phone isn't a solution though. The concern with the attack is that someone is snooping on my connection while I use it. If I can't use my phone confidently knowing no one is watching, then my only other option would be not to trust the phone at all.


> Turning off the phone isn't a solution though.

Since most phones no longer have power-off, a faraday bag is needed to block all RF (cellular, wifi, bluetooth) radios on the phone from communicating with nearby radios.

> The concern with the attack is that someone is snooping on my connection while I use it. If I can't use my phone confidently knowing no one is watching, then my only other option would be not to trust the phone at all.

This is sadly the case today. It will only change with greater participation of civil society in technology standard-setting, open-source "cyber" defense and security research.

In addition to reducing usage of untrustworthy phones and radio bands, reduce funding of untrustworthy telcos by subscribing via lower-cost prepaid MVNOs.


> Since most phones no longer have power-off

What does this mean? I can power off my phone same as I always have.


iOS15+ "powered-off" iPhones can act as Airtags, https://9to5mac.com/2021/06/07/ios-15-find-my-network-can-fi...


LTE does perform authentication of the tower, it's one of the reasons cell site simulators are becoming less useful---phones that refuse a downgrade to 3G will refuse to fully associate with a simulated site, so only limited information about the phone (some identifiers) can be obtained.


2017, https://arxiv.org/abs/1702.04434

> IMSI Catcher attacks are really practical for the state-of-the-art 4G/LTE mobile systems too. Our IMSI Catcher device acquires subscription identities (IMSIs) within an area or location within a few seconds of operation and then denies access of subscribers to the commercial network. Moreover, we demonstrate that these attack devices can be easily built and operated using readily available tools and equipment, and without any programming. We describe our experiments and procedures that are based on commercially available hardware and unmodified open source software.


Supposing cell towers don't currently have a key; if they did your cell provider would certainly have a way to push new ones to your phone, and under government warrant they'd simply push the key of the stingray to your phone as well, or give the stingray the key of an existing tower.


If your cell provider is going to help stingrays connect to your phone, the government might as well just install the wiretap at the provider and none of this matters.


Governments and law enforcement would be the best-case scenario for telco monitoring and phone/endpoint hacking via NSO et al, because there would at least be some legal framework for narrowly targeted lawful intercept.

The risk of insecure-by-design telco standards, radio networks and untrustworthy phones is that zero-day and unfixable vulnerabilities could be abused for targeted and mass surveillance by networks of criminal, corrupt or non-state actors.

If Clearview AI can scrape billions of human images from public social networks, for commercial facial recognition services, imagine the per-geo economic value of passive radio signal collection and retroactive footprint analysis by AI.

https://hn.algolia.com/?query=imsi


Sure, but the point is that if we assume that the telco is malicious none of LTE's security matter or could ever matter. They are the party you are encrypting the data for, so they always by definition can log/sniff/whatever it.

There's no point in designing telco standards for cases where the telco is a malicious party.


Did someone suggest the telco as a malicious party?

My comment was about non-gov, non-telco malicious actors harvesting metadata via passive sniffing.


Yes, that's literally what the parent comment to your comment is talking about when they said this:

> If your cell provider is going to help stingrays connect to your phone...


Some Android phones can be set to 5G/4G (NR/LTE) only in hidden menu like this https://forum.xda-developers.com/t/set-preferred-network-mod...


GrapheneOS supports LTE-only mode for that purpose: https://grapheneos.org/usage#lte-only-mode

> This feature is not intended to improve the confidentiality of traditional calls and texts, but it might somewhat raise the bar for some forms of interception. It's not a substitute for end-to-end encrypted calls / texts or even transport layer encryption. LTE does provide basic network authentication / encryption, but it's for the network itself. The intention of the LTE-only feature is only hardening against remote exploitation by disabling an enormous amount of both legacy code (2G, 3G) and bleeding edge code (5G).


LineageOS on my Samsung Galaxy S5 also has a setting for which network modes to use.

Oddly enough, since the 3G shutdown, I have to set it to LTE-only to get service. Auto 3G/LTE results in no service.


Very odd. I wonder what could account for that. Some kind of legacy 3G initial handshake that particular modem needs before it negotiates an LTE connection? I am completely making that up, but something along those lines.


Tunnel everything on your phone over Wireguard back to a trusted location, and don’t use phone or SMS; stick to VoIP over the VPN tunnel. Any kind of stingray is effectively rendered useless in this scenario.


Not even close.

The use case for "Stingray" like devices is to determine the proximity and or ID of a device|user based on the IMSI | IMEI.


I really wish the iPhone let you disable certain bands - I get there's an argument about "you need to be able to use them just in case you need it for an emergency call", but in Australia where I live, the 2G networks have all been shut down and the spectrum re-allocated, and my carrier will shut down 3G around the end of the year and the largest carrier shut 3G down mid 2024.

So I can safely disable 2G knowing that I will not need it, since the networks don't exist and while I'm in the country the only possible use would be a downgrade attack. Similarly, I'm happy to turn off 3G given I'm very rarely out of LTE coverage and it's not long until it will be gone anyway.

If it's really a problem, they could have an "re-enable bands if needed while attempting an emergency call" option (or have it do it automatically with no option).


IANAL but, IIRC any sniffing seems to be fine in general? You'd only get in trouble if you transmitted anything. I don't even think you need a license to just listen to stuff.

Also I think the paper mentions that many types of packets are in fact encrypted, and only certain control packets are sent in the clear. This seems to be not any more concerning than other Internet related protocols which also send a lot of coordination information in cleartext.


If someone doesn’t like what you’re doing, wiretap charges are legally plausible.


When I got my ham radio license they told us that listening is never against the law. Decrypting anything or transmitting on unlicensed frequencies are major offenses, on the other hand.


That’s probably a bit of a generalization — they likely said that thinking about the FCC rules that a new ham would be dealing with, since the focus of those tests/classes is to get an FCC license. As I understand, telecom traffic is a big exception to this because of wiretap laws, which are not FCC regulations; they’re criminal law, which the FCC doesn’t really have anything to do with.

Try searching radioreference forums for “pager decoding” as a counter example.

I didn’t spend a lot of time searching FCCs site but they do mention this parenthetically in this article: https://www.fcc.gov/consumers/guides/interception-and-divulg...

Of course, you should be able to follow wiretap law by listening to your own devices. The same way people use Wireshark legally: run it on your own network.


Thank you for the link. I definitely need to review the legislation. I definitely remember that the license lets me operate a police scanner while you're driving.

For example here in Michigan the law explicitly allows ham radio licensees more privileges: http://legislature.mi.gov/doc.aspx?mcl-750-508


Well, most states don't penalize anyone for operating a police scanner.

It seems pretty important that MI would have that exception the way that statute is written, otherwise it would prohibit the ownership of ham radios.

Because ...

> a radio receiving set that will receive signals sent on a frequency assigned by the federal communications commission of the United States for police or other law enforcement, fire fighting, emergency medical, federal, state, or local corrections, or homeland security purposes.

... doesn't just describe police scanners. It describes basically all VHF/UHF ham radios.


I thought we already pay wiretap charges? ISPs charge you to collect all of your data don't they? /s


If all you're doing is passively listening to what's around you who would ever know?


You could ask the same question about any wiretap. People usually get caught by creating some sort of evidence that they committed the crime. Maybe a recording, maybe they told someone, maybe they acted on the information, etc.


No, IIRC it isn't anywhere near real encryption.


Hmm…

LTE stands for 4G and they use 128-EEA2 (AES-CTR) or 128-EIA2 (AES-CMAC), which are kinda the same as TLS 1.2 and TLS 1.3, where the latter supports ChaCha additionally.

GCM on TLS gives greater performance and the integrity can be confirmed earlier, but there are no serious security problems on algorithm side.
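To make the two algorithm names in the comment above concrete, here is an added example (written for this page, not code from LTESniffer or from the commenter) of 128-EEA2 and 128-EIA2 as 3GPP TS 33.401 Annex B defines them: EEA2 is AES-128 in counter mode with the first counter block built from COUNT, BEARER and DIRECTION, and EIA2 is AES-CMAC over that same 64-bit header prepended to the message, truncated to a 32-bit MAC-I. The keys, COUNT/BEARER values and payload are constructed for the demo and are not 3GPP test vectors; the CMAC core is checked against the NIST SP 800-38B vectors instead.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// Params are the per-PDU inputs both algorithms take (TS 33.401 Annex B):
// the 32-bit PDCP COUNT, a 5-bit bearer identity and a 1-bit direction
// (0 = uplink, 1 = downlink).
type Params struct {
	Count     uint32
	Bearer    uint8 // only the low 5 bits are used
	Direction uint8 // only the low bit is used
}

// header packs COUNT || BEARER || DIRECTION || 0^26 into 8 bytes, big-endian.
func (p Params) header() [8]byte {
	var h [8]byte
	binary.BigEndian.PutUint32(h[:4], p.Count)
	h[4] = (p.Bearer&0x1f)<<3 | (p.Direction&1)<<2
	return h
}

// EEA2 is 128-EEA2: AES-128-CTR whose first counter block is
// COUNT || BEARER || DIRECTION || 0^26 || 0^64. The same call encrypts and
// decrypts. Go's CTR increments the full 128-bit block, while the spec
// increments only the low 64 bits mod 2^64; the two agree for any PDU
// shorter than 2^64 blocks, i.e. always in practice.
func EEA2(key []byte, p Params, data []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	iv := make([]byte, 16)
	h := p.header()
	copy(iv, h[:])
	out := make([]byte, len(data))
	cipher.NewCTR(block, iv).XORKeyStream(out, data)
	return out, nil
}

// dbl multiplies a 128-bit block by x in GF(2^128) (CMAC subkey derivation).
func dbl(in []byte) []byte {
	out := make([]byte, 16)
	var carry byte
	for i := 15; i >= 0; i-- {
		out[i] = in[i]<<1 | carry
		carry = in[i] >> 7
	}
	if carry != 0 {
		out[15] ^= 0x87
	}
	return out
}

func xor(dst, src []byte) {
	for i := range dst {
		dst[i] ^= src[i]
	}
}

// CMAC is AES-128-CMAC per NIST SP 800-38B, returning the full 128-bit tag.
func CMAC(key, msg []byte) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	k1 := dbl(make([]byte, 16)) // placeholder, replaced below
	l := make([]byte, 16)
	block.Encrypt(l, l)
	k1 = dbl(l)
	k2 := dbl(k1)

	n := (len(msg) + 15) / 16
	last := make([]byte, 16)
	switch {
	case n == 0: // empty message: pad to one block, use K2
		n = 1
		last[0] = 0x80
		xor(last, k2)
	case len(msg)%16 == 0: // complete final block, use K1
		copy(last, msg[(n-1)*16:])
		xor(last, k1)
	default: // partial final block: 10* pad, use K2
		copy(last, msg[(n-1)*16:])
		last[len(msg)%16] = 0x80
		xor(last, k2)
	}
	x := make([]byte, 16)
	for i := 0; i < n-1; i++ {
		xor(x, msg[i*16:(i+1)*16])
		block.Encrypt(x, x)
	}
	xor(x, last)
	block.Encrypt(x, x)
	return x, nil
}

// EIA2 is 128-EIA2: CMAC over header || message, truncated to the leftmost
// 32 bits, which is the MAC-I carried in the PDCP PDU.
func EIA2(key []byte, p Params, msg []byte) ([4]byte, error) {
	var macI [4]byte
	h := p.header()
	tag, err := CMAC(key, append(h[:], msg...))
	if err != nil {
		return macI, err
	}
	copy(macI[:], tag[:4])
	return macI, nil
}

// VerifyEIA2 recomputes MAC-I and compares it in constant time.
func VerifyEIA2(key []byte, p Params, msg []byte, macI [4]byte) (bool, error) {
	want, err := EIA2(key, p, msg)
	if err != nil {
		return false, err
	}
	return subtle.ConstantTimeCompare(want[:], macI[:]) == 1, nil
}

func main() {
	// Constructed demo values: a ciphering key, an integrity key and the
	// parameters of one downlink PDU on bearer 1. Not 3GPP test vectors.
	kEnc, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f")
	kInt, _ := hex.DecodeString("101112131415161718191a1b1c1d1e1f")
	p := Params{Count: 0x00000007, Bearer: 1, Direction: 1}
	pdu := []byte("constructed PDCP SDU payload")

	// Sender: MAC-I over the plaintext, then cipher (as PDCP does for SRBs).
	macI, _ := EIA2(kInt, p, pdu)
	ct, _ := EEA2(kEnc, p, pdu)
	fmt.Printf("ciphertext: %x\nMAC-I: %x\n", ct, macI)

	// Receiver: decipher, then check MAC-I.
	pt, _ := EEA2(kEnc, p, ct)
	ok, _ := VerifyEIA2(kInt, p, pt, macI)
	fmt.Println("roundtrip:", bytes.Equal(pt, pdu), "MAC ok:", ok)

	// A party without K who flips a bit on the air: decryption still "works"
	// (CTR is malleable) but MAC-I no longer verifies.
	ct[0] ^= 0x01
	pt, _ = EEA2(kEnc, p, ct)
	ok, _ = VerifyEIA2(kInt, p, pt, macI)
	fmt.Println("MAC ok after tampering:", ok)
}
```

The keys here are the K_RRCenc / K_RRCint (or K_UPenc) values the UE and eNB derive per session from K_ASME; a passive sniffer never sees them, which is why the paper can only recover ciphertext for protected PDUs. Note also that CTR mode on its own does nothing against bit-flipping, so where a bearer is ciphered but not integrity-protected (user-plane traffic in LTE), the MAC-I check in this example is exactly what is missing.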


Important to note that the encryption you mention applies to user data traveling between the UE and the eNodeB. Some control plane data between the UE and eNB is unencrypted and no encryption of user data is done between the eNB and the network (unless it’s done at a higher layer).


Nah, 4g stands for 4g.


LTE is industry jargon for the fastest type of 4G


LTE stands for Long-Term Evolution


Is any device identifying information exposed unencrypted? Thinking if you can use this to tell who is in the proximity.


You can use 2G sniffers for that which require much less expensive hardware.



